Difference between revisions of "Linux Security"

no edit summary
imported>Tele
imported>Tele
Line 147: Line 147:
* You can detect "zombie" processes and delete them.
* You can detect "zombie" processes and delete them.
* You can limit the maximum number of processes. This is protection against fork bomb attack, but it does not guarantee system stability, if the user's process will be important for the stability of the system.
* You can limit the maximum number of processes. This is protection against fork bomb attack, but it does not guarantee system stability, if the user's process will be important for the stability of the system.
 
* "'''Sandbox'''" is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. I heard about two. The first is to set up a separate account with restricted rights for programs. Second this is '''Firejail''', but when I tested it it does not work efficiently. During the system start, all rules are loaded instead of just for only programs which will running.


[[Category:Contents Page]]
[[Category:Contents Page]]
Anonymous user